Sonarqube setup from scratch and Code analysis | [Latest 2022]

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hello everyone welcome back to my channel today in this video i'll show you how you can set up a sonarqube server starting from scratch and analyze our gradle project here we will start with the prerequisites where we will see the dependencies which are required for sonar cue and then we will see different component of sooner cube and their responsibilities and then we will set up the sonarqube server once the sonarqube server is up and running we can simply analyze or scan a gradle project also i'll walk through the sonarqube dashboard to see what all information are present on the dashboard and at the end i will also show you how you can troubleshoot if you face any issues while doing these steps so without any further ado let's start with this video firstly we will check the requirements or dependencies for the sonar cube setup so here i'm on the sonar cube org website here on the website we have multiple options like product what's new documentation in the community and also we have a download button where you can simply download the executables of sonarqube uh first thing we'll do we'll simply check the documentation part where we want to see the requirements so here on the left panel we have this requirements section so here under requirements prerequisites and overview so here it is mentioned we can either use oracle jre or open jdk with version 11 okay and then we have different options of database of you can use postgres microsoft sql server oracle you can simply check for the versions here which are supported for my video i'll be using postgres with version 11 then we also have the supported web browsers mentioned over here so here i'll be using google chrome so yeah that's about the requirements uh i would suggest that before starting this uh setup make sure you have the relevant versions available with you for these tools now let's move to the next part now we will see the different component of sonar cube here uh on the same website if i go to setup and upgrade here we have this option install the server so here if you go you can see that there is a beautiful diagram over here which basically shows the different components of sonarqube and its uh communication between them right so here if you see we have this scanner component we have this sonar cube server and then we have a database server now let's go through each component and try to understand its responsibilities so first we have sonar cube server where we can see this web server available so here if you see it says that it's a web server that serves the sonar cube user interface right so basically whatever the dashboard and everything you see that comes through this web server and then we have this search server which is basically based on elastic search and along with this we have the compute engine which is basically responsible for processing the code analysis reports and saving them in the database right so whatever the database you set up this compute engine will take the reports and will compute it and then it will save it in the database server right so that's about the sonar cube server and then we have this database server where we will be storing all the metrics issues or any kind of analysis reports for a project in this database and using this data only we will be showing all the information on the sonarqube dashboard right so that's about the database server and then we have a scanner component which basically scans your project and then these reports are sent to the sonarqube server right and this scanner can be included either in the build or in the continuous integration tool okay next we will see this component in action so let's move to setting up the sonar cube server for setting up the sonar keep server we will require the sonar cube executable for downloading the executables you can simply search for download sonarqube so here for sonarcube.org website we have this link for download we will simply click on this so here you can see that we have different editions community developer enterprise or data center we'll simply use this default one where you can simply click on this download for free and it will allow you to download so yeah my download will start in few seconds so as you can see we are able to download the zip file here okay so once your zip file is downloaded you simply need to unzip it and then i'll show you how it looks so this download will take some time so i have already downloaded it and unzip it so i have kept it in the sonar cube directory so i have this folder where i have all the executables available so if i go inside this folder i have these many options like bin conf data and then other logs and all these folders are there so the first thing you need to do here is you simply need to edit the configurations but before editing the configurations we have to make sure that whatever the requirements or dependencies which we seen that is required should be there so for example first thing you will be requiring is the java right you need to have a java 11 present so for me i'm using i'm using java 11 so i can show you so here if you see i have different versions of jdk so i'll be using this open jdk 11 for this sonar cube server okay so apart from java we will also need to have a database server so for that i have postgres sql 11 so if i open this i need to have a database created with the name sonarqube you can have any name but i have kept this database name as sooner cube because this name will be required for the configuration also you will be requiring the credentials to connect with this database so i'll show you so once your jdk and database are in place now we are good to edit the configurations so what i'll do is simply so here if i show you uh we have this con folder here all the configurations are there so i'll simply go to this directory okay and here if you see we have two different files right one is sonar properties and one is wrappercon so first let's edit the wrapper comm so i'll simply open this inside veeam editor so here if i have to show you the only change you will be requiring here is wrapper.java.com equal to you have to give the path of your java okay so here if you see i have simply given the path of jdk 11 so in the similar manner wherever your java is present you simply need to give the path of that and that's it another option you don't need to touch right you simply need to edit this one okay initially it will be having a value just java you have to replace that with this path and then you can simply save this and come out of this you can also use different editor for editing this configuration wherever you are comfortable with i'll be using vim right next what i'll be doing is i'll be simply opening this sonar properties in vm editor now here i'll show you there are multiple things you need to change here so initially when you open this file all these lines will be commented so the first thing you need to edit here is sonar.jdbc dot username so this is going to be your database server name for me it was postgres and then you need to provide the password for me my password for database is this one this is about the credentials you will be requiring for connecting to the database and also here if you go down here you have this sonar.jdbc url so here you need to give the url so that it can get connect to the database server for postgres we have something like jdbc colon postgres sql then localhost and then the port number okay so that's about the database configuration you need to put in this file right with this your sonarqube server should be able to communicate with the database and then apart from this if you go down there are few more configuration you have to do so here we have this property sonarweb host which is assigned with a value 0.0.0.0 which is nothing but your localhost so i'll keep as is and also don't forget to uncomment this line so any configuration which you'll be using should be uncommented so i have uncommented all these lines initially it was commented and also if you see i have kept the port for sonar cube as 9000 which is default you can use different port as well you just need to change this value okay so once this values are set there are other configuration as well i'll show you what else you need to change others you can leave as is if you are not using it i'll just do a bare minimum change so that we can start the sonarqube server here you have to define a path uh so not part data so that all the data can be stored here and then you also need to provide a temporary path so these two paths should be required and you can provide any path wherever you want your data to be persisted okay so that's about the configuration uh you don't need to change any other properties i can simply save this file and come out now once your configurations are done you can simply go back to the root directory of this sonar key folder and then here on the root directory of sonar cube you can see there is this directory bin i'll simply go inside this pin and here inside this bin we have directories for linux mac and windows so all this fold directory will have the script using which you can run the sonarqube server as i'm using mac i'll be using script from this directory so i'll move to mac os here inside this you see there is this script for it right you will see similar script in windows and linux as well so for windows you'll have a batch file but for linux you will have a script so now i'll simply have to run this script so i'll simply run this command sonar and for with this script you need to pass the parameter so i'll show you what all parameters are available you can you will have to pass either start stop console full stop restart status and down anything you can use with this script so for me i'll be using start because i want to start the server so once i hit enter it should start the sonar cube so here we get this option started sooner cube so our sonar loop should be started let's go to the browser so here as we know that we have kept the port as 9000 i can simply use localhost 9000 and here you see sonar cube is starting so it will take some time it will get loaded so we can say that now our sonarqube server is running successfully so let's give some time so that it can get started so here we have this option sonarqube was up now it asks for credentials so initially you will have credentials admin admin but i have changed to something else so i'll use that okay here you will have a dashboard something like this where you have different options available here and you have different ways using which you can connect your project right so the next thing what we wanted to do is we want to analyze or scan a gradle project so basically once your sonar server is up next i want to scan one of my project right so for that i have kept one project open so i have a dummy project here snack and later which is a griddle project so we have this and we have some source file here and some text file so for me this is a gradle project so i'll show you how you can simply add a scanner to it so for that here we have different option available here so here i'll choose manually option here you need to provide a project name and a key so for us our project name was snack and later so i'll simply keep snacking later okay and you just need to click this setup button and here our snake and ladder project is created now we have this option how do you want to analyze your repository so you can use different options you can attach to a bitbucket or a gitlab or anything else but for now for us it is locally right so i simply click on this here we need to generate a token here if you see the token is used to identify when an analysis is performed so this token will get used every time your scanner will run on the project where you need to provide a name to this token i'll call it snake and ladder token i'll simply click on this generate button so it has created this token you can simply copy it or you can simply press on continue here for different type of projects either maven or gradle it shows you what you need to do so for us it is the gradle project right so here we have two steps to execute the scanner for the gradle project so the first thing you need to do is you have to add the plugin so here we can simply copy this and i'll go to my project here in the build.gradle file under plugins section i can simply add this okay and i can refresh the gradle so that this plugin will get added to my project and once that is done the next thing you need to do is you need to run this command so you can simply copy from here as you can see here in the command we are running sonar cube come with some attributes where we are passing the project key the url of the server and then this token okay so i can simply copy this i'll go to the terminal here so here this is already done so i can simply go to the terminal and i can paste this okay so for now before running this as we see we do not have here anything right here we have only one project created but if you see there is nothing inside it but once we run this command let's see what happens so here i have executed this command so it will take some time to analyze your project and once this is completed we should be able to see all the information on the sonar cube dashboard so let's wait for some time so the build is successful so i can now go to the sonar cube dashboard and if i refresh this let's go to the project so now yes here if you see we have this information available here about the bugs vulnerabilities or code smells so if you go inside this so here under the overall code tab we can simply see that we have zero bugs zero vulnerabilities zero security hotspot but here we have seven coat smells present in that particular project and which adds up to 31 minute of depth right so this kind of information you get from here and if you want to see some detailed information you can simply go to issues under which we have different options here one of the option is severity where based upon the criticality of the issue you can simply check so here we have one option where it says that it's a blocker and if you see it says that add some test in this class so there is no no text available that's why it is saying it's a issue and if you see there is other major issues which says add a private constructor to hide the implicit public one and also if you want to see why this is an issue you can simply click on this you can read about it you will get to know or what it tries to tell you right based upon that you have different minor issues or info so you can utilize this information to make your code base much better for now i'll not go into more details so yeah that's about adding a project to your sonar cube dashboard you can add more projects using this option so you need to follow the similar steps and then your project should be listed here so yeah that's about how you can scan the gradle project using a sonarqube scanner now let's move to the next part which is troubleshoot so while setting up this sonarqube server you might get some issue and you should be knowing what you should do when you face any issue so i'll show you what you can do so let's say uh you are trying to set up the server and when you are trying to hit 9000 port in the local host you are not able to get this dashboard so where to look for what is the issue so for that you will simply need to go to this sonar cube directory uh where you have this directory called logs so if i show you under this we have this directory called logs right if you go inside logs you will see we have different logs available here right access log c log e s log sonar log okay weblog so you can simply go through these different logs and you should be able to see the exact error so if i have to show you this web block i'll simply open this in vm editor okay so as the name suggests this is a web block as i have already shown you that there is a web server inside sonar queue so this is going to tell you about that why your dashboard is not coming up so if i enter if i go at the end of this you will be able to see a lot of information here so here this is the info log in case you are getting any any error it should come up here okay so do check out here as well and also you can check different different logs like like access locks or es log elastic search lock going through these locks will definitely help you to narrow down the issue and you can simply get to know the exact issue you might get a connectivity issue you might put wrong credentials for your database this kind of thing you may do so do check out this logs you will get to know the exact issue and let's say if you get some error which you're not aware about and you don't know how to fix it you can simply google it there is a sonarqube community who have already uh solved a lot of issues which people have faced during setting up the server so that might help you also if you face any issue you can comment down below i'll try to help you out to fix that so yeah that's about the troubleshooting part so i hope this video is helpful to you if you find this video helpful do like the video because that is the only way any future user will get access to these videos and also comment down if you successfully set up the sonarqube server so that future user can also get help from this video so that's all about this video if you learn something from this video please hit the like button and if you're new to this channel please don't forget to hit the subscribe button and press that bell icon so that you get notified for our upcoming new videos thank you for watching

Info

Channel: Engineerhoon

Views: 156,490

Rating: undefined out of 5

Keywords: analyse code quality using SonarQube, sonarqube tutorial, analyse code quality, analyse code quality sonarqube, sonarqube tool, test coverage using sonarqube, How to generate test coverage report using SonarQube, Install and configure SonarQube server on windows, Install and configure SonarQube server on mac, sonarqube installation, code analysis, sonarqube, static code analysis, sonarqube tutorial 2021, sonar qube, how to use sonarqube, sonarqube installation on windows

Id: LpjANAPF2Oo

Channel Id: undefined

Length: 17min 31sec (1051 seconds)

Published: Sat Sep 11 2021